Diplomat | Political Security Vulnerabilities
Upcoming Book on AI and Democracy
If you've been reading my blog, you've noticed that I have written a lot about AI and democracy, mostly with my co-author Nathan Sanders. I am pleased to announce that we're writing a book on the topic. This isn't a book about deep fakes, or misinformation. This is a book about what happens when...
7.3AI Score
Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data
The North Korea-linked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that's designed to steal sensitive information as part of an ongoing intelligence collection effort. Zscaler ThreatLabz, which observed the activity in early March 2024, has...
7.8CVSS
7.5AI Score
0.974EPSS
TeamViewer Detects Security Breach in Corporate IT Environment
TeamViewer on Thursday disclosed it detected an "irregularity" in its internal corporate IT environment on June 26, 2024. "We immediately activated our response team and procedures, started investigations together with a team of globally renowned cyber security experts and implemented necessary...
7.2AI Score
WikiLeaks' Julian Assange Released from U.K. Prison, Heads to Australia
WikiLeaks founder Julian Assange has been freed in the U.K. and has departed the country after serving more than five years in a maximum security prison at Belmarsh for what was described by the U.S. government as the "largest compromises of classified information" in its history. Capping off a...
6.8AI Score
SneakyChef espionage group targets government agencies with SugarGh0st and more infection techniques
Cisco Talos recently discovered an ongoing campaign from SneakyChef, a newly discovered threat actor using SugarGh0st malware, as early as August 2023. In the newly discovered campaign, we observed a wider scope of targets spread across countries in EMEA and Asia, compared with previous...
7AI Score
KrebsOnSecurity Threatened with Defamation Lawsuit Over Fake Radaris CEO
On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying array of people-search websites. The...
6.8AI Score
The Hacking of Culture and the Creation of Socio-Technical Debt
Culture is increasingly mediated through algorithms. These algorithms have splintered the organization of culture, a result of states and tech companies vying for influence over mass audiences. One byproduct of this splintering is a shift from imperfect but broad cultural narratives to a...
6.8AI Score
Rethinking Democracy for the Age of AI
There is a lot written about technology's threats to democracy. Polarization. Artificial intelligence. The concentration of wealth and power. I have a more general story: The political and economic systems of governance that were created in the mid-18th century are poorly suited for the 21st...
6.4AI Score
As India concluded the world's largest election on June 5, 2024, with over 640 million votes counted, observers could assess how the various parties and factions used artificial intelligence technologies--and what lessons that holds for the rest of the world. The campaigns made extensive use of...
7.2AI Score
Using AI for Political Polling
Public polling is a critical function of modern political campaigns and movements, but it isn't what it once was. Recent US election cycles have produced copious postmortems explaining both the successes and the flaws of public polling. There are two main reasons polling fails. First, nonresponse.....
6.5AI Score
Google Takes Down Influence Campaigns Tied to China, Indonesia, and Russia
Google has revealed that it took down 1,320 YouTube channels and 1,177 Blogger blogs as part of a coordinated influence operation connected to the People's Republic of China (PRC). "The coordinated inauthentic network uploaded content in Chinese and English about China and U.S. foreign affairs,"...
7AI Score
Security and Human Behavior (SHB) 2024
This week, I hosted the seventeenth Workshop on Security and Human Behavior at the Harvard Kennedy School. This is the first workshop since our co-founder, Ross Anderson, died unexpectedly. SHB is a small, annual, invitational workshop of people studying various aspects of the human side of...
7.4AI Score
Third-Party Cyber Attacks: The Threat No One Sees Coming – Here's How to Stop Them
_Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill's threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk. _ In an...
9AI Score
How Donald Trump Could Weaponize US Surveillance in a Second Term
Donald Trump has vowed to go after political enemies, undocumented immigrants, and others if he wins. Experts warn he could easily turn the surveillance state against his...
7.2AI Score
I don't think it's an exaggeration to predict that artificial intelligence will affect every aspect of our society. Not by doing new things. But mostly by doing things that are already being done by humans, perfectly competently. Replacing humans with AIs isn't necessarily interesting. But when an....
7.4AI Score
OpenAI, Meta, and TikTok Crack Down on Covert Influence Campaigns, Some AI-Powered
OpenAI on Thursday disclosed that it took steps to cut off five covert influence operations (IO) originating from China, Iran, Israel, and Russia that sought to abuse its artificial intelligence (AI) tools to manipulate public discourse or political outcomes online while obscuring their true...
6.8AI Score
Inside Operation Diplomatic Specter: Chinese APT Group's Stealthy Tactics Exposed
Governmental entities in the Middle East, Africa, and Asia are the target of a Chinese advanced persistent threat (APT) group as part of an ongoing cyber espionage campaign dubbed Operation Diplomatic Specter since at least late 2022. "An analysis of this threat actor's activity reveals long-term.....
7.5AI Score
Rockwell Advises Disconnecting Internet-Facing ICS Devices Amid Cyber Threats
Rockwell Automation is urging its customers to disconnect all industrial control systems (ICSs) not meant to be connected to the public-facing internet to mitigate unauthorized or malicious cyber activity. The company said it's issuing the advisory due to "heightened geopolitical tensions and...
9.8CVSS
8.1AI Score
0.009EPSS
Cisco Talos is delighted to share updates about our ongoing partnership with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to combat cybersecurity threats facing civil society organizations. Talos has partnered with CISA on several initiatives through the Joint Cyber Defense...
7.4AI Score
Exploit for Code Injection in Openplcproject Openplc V3 Firmware
CVE-2021-31630 Exploit This PoC was originally developed by...
8.8CVSS
8.7AI Score
0.006EPSS
North Korean Hackers Deploy New Golang Malware 'Durian' Against Crypto Firms
The North Korean threat actor tracked as Kimsuky has been observed deploying a previously undocumented Golang-based malware dubbed Durian as part of highly-targeted cyber attacks aimed at two South Korean cryptocurrency firms. "Durian boasts comprehensive backdoor functionality, enabling the...
7AI Score
Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign
Polish government institutions have been targeted as part of a large-scale malware campaign orchestrated by a Russia-linked nation-state actor called APT28. "The campaign sent emails with content intended to arouse the recipient's interest and persuade him to click on the link," the computer...
6.7AI Score
For more than six years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research. They provide a representative snapshot of what we have published.....
7.7AI Score
Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities
Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state actor known as APT28, drawing condemnation from the European Union (E.U.), the North Atlantic Treaty Organization (NATO), the U.K., and the U.S. The.....
9.8CVSS
7.6AI Score
0.902EPSS
The Rise of Large-Language-Model Optimization
The web has become so interwoven with everyday life that it is easy to forget what an extraordinary accomplishment and treasure it is. In just a few decades, much of human knowledge has been collectively written up and made available to anyone with an internet connection. But all of this is coming....
6.7AI Score
German Authorities Issue Arrest Warrants for Three Suspected Chinese Spies
German authorities said they have issued arrest warrants against three citizens on suspicion of spying for China. The full names of the defendants were not disclosed by the Office of the Federal Prosecutor (aka Generalbundesanwalt), but it includes Herwig F., Ina F., and Thomas R. "The suspects...
6.8AI Score
Could the Brazilian Supreme Court finally hold people accountable for sharing disinformation?
If you're a regular reader of this newsletter, you already know about how strongly I feel about the dangers of spreading fake news, disinformation and misinformation. And honestly, if you're reading this newsletter, I probably shouldn't have to tell you about that either. But one of the things...
7.8AI Score
Apple warns people of mercenary attacks via threat notification system
Apple has reportedly sent alerts to individuals in 92 nations on Wednesday, April 10, to say it's detected that they may have been a victim of a mercenary attack. The company says it has sent out these types of threat notifications to over 150 countries since the start in 2021. Mercenary spyware...
7.1AI Score
Attacks, Vulnerabilities and Actors 25 to 31 March 2024
For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of twelve attacks were executed, ten vulnerabilities were uncovered, and two active adversaries were.....
8.1AI Score
0.0004EPSS
APT29 Targets German Political Parties with New WINELOADER
Summary: APT29, linked to Russia's SVR, targeted German political parties in late February 2024 using a new backdoor variant named WINELOADER, signaling a shift in operational focus beyond diplomatic missions. This marks a broader threat to European and Western political entities, driven by the...
7.1AI Score
U.S. Charges 7 Chinese Nationals in Major 14-Year Cyber Espionage Operation
The U.S. Department of Justice (DoJ) on Monday unsealed indictments against seven Chinese nationals for their involvement in a hacking group that targeted U.S. and foreign critics, journalists, businesses, and political officials for about 14 years. The defendants include Ni Gaobin (倪高彬), Weng...
7.4AI Score
Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks
The Iran-affiliated threat actor tracked as MuddyWater (aka Mango Sandstorm or TA450) has been linked to a new phishing campaign in March 2024 that aims to deliver a legitimate Remote Monitoring and Management (RMM) solution called Atera. The activity, which took place from March 7 through the...
7.4AI Score
Russian Hackers Use 'WINELOADER' Malware to Target German Political Parties
The WINELOADER backdoor used in recent cyber attacks targeting diplomatic entities with wine-tasting phishing lures has been attributed as the handiwork of a hacking group with links to Russia's Foreign Intelligence Service (SVR), which was responsible for breaching SolarWinds and Microsoft. The...
6.8AI Score
Public AI as an Alternative to Corporate AI
This mini-essay was my contribution to a round table on Power and Governance in the Age of AI. It's nothing I haven't said here before, but for anyone who hasn't read my longer essays on the topic, it's a shorter introduction. The increasingly centralized control of AI is an ominous sign. When...
7AI Score
AI and the Evolution of Social Media
Oh, how the mighty have fallen. A decade ago, social media was celebrated for sparking democratic uprisings in the Arab world and beyond. Now front pages are splashed with stories of social platforms’ role in misinformation, business conspiracy, malfeasance, and risks to mental health. In a 2022...
6.3AI Score
Not everything has to be a massive, global cyber attack
Some of my Webex rooms recently have been blowing up with memes about blaming Canada or wild speculation that a state-sponsored actor is carrying out some sort of major campaign. After a widespread outage of cellular service with AT&T and other carriers a few weeks ago, people were sure it was...
6.8AI Score
0.0004EPSS
Researchers Highlight Google's Gemini AI Susceptibility to LLM Threats
Google's Gemini large language model (LLM) is susceptible to security threats that could cause it to divulge system prompts, generate harmful content, and carry out indirect injection attacks. The findings come from HiddenLayer, which said the issues impact consumers using Gemini Advanced with...
7.2AI Score
Predator spyware vendor banned in US
The US Treasury Department has sanctioned Predator spyware vendor Intellexa Consortium, and banned the company from doing business in the US. Predator can turn infected smartphones into surveillance devices. Intellexa is based in Greece but the Treasury Department imposed the sanctions because of.....
7.4AI Score
How Public AI Can Strengthen Democracy
With the world's focus turning to misinformation, manipulation, and outright propaganda ahead of the 2024 U.S. presidential election, we know that democracy has an AI problem. But we're learning that AI has a democracy problem, too. Both challenges must be addressed for the sake of democratic...
6.9AI Score
How the “Frontier” Became the Slogan of Uncontrolled AI
Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration will drive the next era of growth, wealth, and human flourishing. It's a scary metaphor. Throughout American history, the drive for expansion and the very concept of terrain....
6.8AI Score
President Biden Blocks Mass Transfer of Personal Data to High-Risk Nations
U.S. President Joe Biden has issued an Executive Order that prohibits the mass transfer of citizens' personal data to countries of concern. The Executive Order also "provides safeguards around other activities that can give those countries access to Americans' sensitive data," the White House said....
6.9AI Score
Iran-Linked UNC1549 Hackers Target Middle East Aerospace & Defense Sectors
An Iran-nexus threat actor known as UNC1549 has been attributed with medium confidence to a new set of attacks targeting aerospace, aviation, and defense industries in the Middle East, including Israel and the U.A.E. Other targets of the cyber espionage activity likely include Turkey, India, and...
7.1AI Score
FTC Slams Avast with $16.5 Million Fine for Selling Users' Browsing Data
The U.S. Federal Trade Commission (FTC) has hit antivirus vendor Avast with a $16.5 million fine over charges that the firm sold users' browsing data to advertisers after claiming its products would block online tracking. In addition, the company has been banned from selling or licensing any web...
6.7AI Score
TikTok’s latest actions to combat misinformation shows it’s not just a U.S. problem
When we talk about the term "fake news," most people likely picture a certain person who made the term infamous. And when we talk about misinformation and disinformation, many will remember the "Russian troll farms" that popped up during the 2016 U.S. presidential election and were unmasked and...
6.9AI Score
In the past 2 years, we have observed a significant surge in hacktivism activity due to ongoing wars and geopolitical conflicts in various regions. Since the war against Ukraine began, we have witnessed a notable mobilization of non-state and state-backed actors alike, forming new groups or...
9.8CVSS
9.7AI Score
0.074EPSS
Mustang Panda Targets Asia with Advanced PlugX Variant DOPLUGS
The China-linked threat actor known as Mustang Panda has targeted various Asian countries using a variant of the PlugX (aka Korplug) backdoor dubbed DOPLUGS. "The piece of customized PlugX malware is dissimilar to the general type of the PlugX malware that contains a completed backdoor command...
9.8CVSS
9.8AI Score
0.074EPSS
New 'VietCredCare' Stealer Targeting Facebook Advertisers in Vietnam
Facebook advertisers in Vietnam are the target of a previously unknown information stealer dubbed VietCredCare at least since August 2022. The malware is "notable for its ability to automatically filter out Facebook session cookies and credentials stolen from compromised devices, and assess...
9.8CVSS
9.7AI Score
0.074EPSS
Russian Hackers Target Ukraine with Disinformation and Credential-Harvesting Attacks
Cybersecurity researchers have unearthed a new influence operation targeting Ukraine that leverages spam emails to propagate war-related disinformation. The activity has been linked to Russia-aligned threat actors by Slovak cybersecurity company ESET, which also identified a spear-phishing...
9.6AI Score
Iran and Hezbollah Hackers Launch Attacks to Influence Israel-Hamas Narrative
Hackers backed by Iran and Hezbollah staged cyber attacks designed to undercut public support for the Israel-Hamas war after October 2023. This includes destructive attacks against key Israeli organizations, hack-and-leak operations targeting entities in Israel and the U.S., phishing campaigns...
9.8CVSS
9.4AI Score
0.074EPSS
Russian Hackers Hit Mail Servers in Europe for Political and Military Intel
By Deeba Ahmed Email servers compromised in 80 organizations as Russian-linked TAG-70 group targets European governments. This is a post from HackRead.com Read the original post: Russian Hackers Hit Mail Servers in Europe for Political and Military...
7.3AI Score